Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevSecOps, a progression from DevOps, involves embedding security practices throughout the software development process. It emphasizes collaborating, automating, and continuous monitoring to ensure efficient delivery of secure and reliable software. We explore concepts of DevSecOps such as: We review the case of Fannie Mae, who embraced DevSecOps and succeeded in improving collaboration, reduced vulnerabilities, and accelerated software development.

Join Ryan Kovar and special guest Derrick Lawson, Staff Sales Engineer at Splunk, for a discussion about M-21-31, a US memorandum establishing an event logging maturity model for federal government agencies. They’ll discuss strategies and tools that can help agencies with compliance.

We recently announced Insights, a unique capability providing organizations with code to cloud application intelligence that enables development and security teams to manage their application security posture more effectively by identifying, prioritizing, and fixing those issues posing the greater risk. Watch: What Insights is How to access Insights How to use Insights Watch if you are interested in using Insights, have started, or work as an engineer, developer, or in DevOps.

Overview: In this SaaSTrana podcast, Mona Salvi (Senior Director - Product Security, HubSpot) talks to Venky about building a unified org structure and North Star metrics to drive security-related initiatives in a cohesive working environment. She also shares how to manage three pillars - platform security + trust & safety + payments fraud together under a single leadership umbrella. Here are some key highlights from the discussion.

This month’s episode takes off with a journey into the controversial world of skiplagging, also known as hidden city flying. Airlines and holiday businesses are taking legal action against passengers and websites like Skiplagged that exploit pricing loopholes, leaving empty seats on the second leg of multi-stop itineraries. But with scraper bots at the root of the issue, is there a technical solution to limit the practice?

Maharshi Patel and Jean-Pierre Cyrenne share financial services use cases and what best-in-class organizations are doing to ensure DevSecOps success.

We examine fundamental shifts and changes to software development approaches and how we secure developers, the code they write, and the products they build. Learn how your development teams can prioritize critical vulnerable exposure (CVE) remediation, maintain granular, centralized, and complete control of the development process, and maintain a single source of truth from code to device.

Get hands-on learning with these Tanium-Microsoft integration labs coming up at Tanium's annual user conference, CONVERGE, in Austin, Texas, November 13-16, 2023. Remote/virtual format is also available for all of these labs.

Get hands-on learning with the new Deploy RBAC features in this lab coming up at Tanium's annual user conference, CONVERGE, in Austin, Texas, November 13-16, 2023. Remote/virtual format is also available for all of these labs.

Watch Kroll’s cyber threat intelligence leaders highlight key trends observed in Q2 2023 and outline the critical issues that organizations should be aware of, including a significant rise in ransomware activity fueled by the MOVEit vulnerability and new methods of email compromise attacks.